Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

coondoggie writes "Trying to get out in front of what they call a censorship arms race, a team of researchers has come up with technology that lets users exchange messages through heavily censored networks in countries such as China and North Korea in hidden channels via user-generated content sites such as Twitter or Flickr. Researchers with the Georgia Tech School of Computer Science will demo the technology known as Collage for the first time at next month's Usenix security conference and ideally have a working package the public can download by the end of August."

China's censor ship is designed to prevent people from openly sharing content that they don't want shared. Communications between two people who have an existing relationship and a desire to exchange information is always going to be possible through a variety of methods. This doesn't change that.

I agree with you but at least it gets people thinking in the right direction. In my opinion and in anyones opinion the main roadblock is inability to find the access points. So its not difficult for a group of friends to agree to go to a specific site at a specific time and just one of them posts the access point and now they all have it. In fact it could be put up in an IRC chat or anywhere really.

So no this doesn't really make a big difference practically speaking but it does help China to beef up their c

And that direction is the opposite of anywhere that would seek to limit the free exchange of information, whether by heavy-handed government fiat or by para-legal "intellectual property" laws.

I hope to see a new arms race, between China, who wants to subvert the West's system of intellectual property and the US, that seeks to subvert China's limitation on open communications. It's the only kind of arms race where the rest of us win.

I'm afraid that the opposite is going to happen though: China will become more compliant to the US' corporate information lockdown and the US will become more tolerant of China's heavy hand. Both governments ultimately want the same thing: a weak and malleable work'n'consume force that will keep the corporations rich and the ownership elite richer, while not expecting too much and not threatening the hegemony of the monied. Good shoppers who will calmly strive for a lifestyle that is just out of reach so they can't make any lifestyle choices that would threaten the system.

At least the people in the Matrix had a nice dream. Our future is more along the lines of Metropolis only with large-screen TVs bought on credit.

And that direction is the opposite of anywhere that would seek to limit the free exchange of information, whether by heavy-handed government fiat or by para-legal "intellectual property" laws.

I hope to see a new arms race, between China, who wants to subvert the West's system of intellectual property and the US, that seeks to subvert China's limitation on open communications. It's the only kind of arms race where the rest of us win.

I'm afraid that the opposite is going to happen though: China will become more compliant to the US' corporate information lockdown and the US will become more tolerant of China's heavy hand. Both governments ultimately want the same thing: a weak and malleable work'n'consume force that will keep the corporations rich and the ownership elite richer, while not expecting too much and not threatening the hegemony of the monied. Good shoppers who will calmly strive for a lifestyle that is just out of reach so they can't make any lifestyle choices that would threaten the system.

At least the people in the Matrix had a nice dream. Our future is more along the lines of Metropolis only with large-screen TVs bought on credit.

Yeah but what they want and what they'll get are two different things. I'm sure the money elites didn't want the economy to melt down but it has. Now all their plans are ruined. It's simply impossible to continue with business as usual, something will change or we will sink into a global depression and we wont get out of that until something changes.

"Yeah but what they want and what they'll get are two different things. I'm sure the money elites didn't want the economy to melt down but it has. Now all their plans are ruined. It's simply impossible to continue with business as usual, something will change or we will sink into a global depression and we wont get out of that until something changes."

I don't see many of them out on the street. From where I'm standing, the wealthy elite are doing just fine right now, even with the crap economy. Of course, f

"Yeah but what they want and what they'll get are two different things. I'm sure the money elites didn't want the economy to melt down but it has. Now all their plans are ruined. It's simply impossible to continue with business as usual, something will change or we will sink into a global depression and we wont get out of that until something changes."

I don't see many of them out on the street. From where I'm standing, the wealthy elite are doing just fine right now, even with the crap economy. Of course, from where I'm standing, the reason our crap economy is crap is that the wealthy elite drained the rest of us dry... we gave them everything they asked for, on the premise that it would all "trickle down", only to find that money ignores gravity.

There wont be rich elites out on the streets. Thats not what is going to happen. What is going to happen is they'll try to build lots of prisons to put poor people in there rather than extend unemployment benefits or pay for welfare. This will end up costing them more than if they just gave them the benefits. Then they'll have to deal with the growth of organized crime, terrorism, and others who will target them and their turf. As the middle class shrinks and ceases to exist, civil unrest will grow until th

Corporations are still making a profit. Lots of shares bought and sold on Wall Street. Big companies are getting bigger by the day, eating the smaller.

I don't think their plans are ruined, I think their plans are coming to fruition.

What happens during an inflationary depression?

You have a situation where dollars aren't buying what they used to buy and aren't worth what they once were. This means the only way out of this situation is to raise taxes and deflate the dollar, the rich elite don't want to see the dollar deflated but everybody else does.

This is not good for the rich elite because the entire world is in a depression because of what they wont do policywise. There also is no easy way out of it so the depression is set to get wo

In fact, if you can and prefer reading and writing English, then you can access to most information that are otherwise blocked. The Chinese government worries about the poor people. If you can and prefer reading English, you are likely well educated with some financial resources -- you are the successful ones in their society and you are not going to try hard to subvert it. The biggest problem in China is still poverty.

Neither they care any fringe way to bypass their censor, because they worry about mass unrest. For example, while you can't go to YouTube, you can go to other sites for video because not many people even know those small sites. Once the site becomes popular, it will be blocked.

Unless this technology can be shown to have a chance to become very popular and it still can't be blocked when it is very popular, it is not a relevant censor-bypassing technology.

If the access points to the darknet are kept secret, Alice and Bob remain safe from Mallory, Eve, even Gordon if trust is absolute between Alice and Bob it is an unbreakable chain. It's the basis behind PGP's web of trust protocol.

Collage's success lies on a censor's unwillingness to block large quantities of legitimate content.

As we all know, the definition of "legitimate" varies from totalitarian regime to totalitarian regime, and also depends on what the leaders want the public to see and how badly something like this needs to be blocked.

Exactly. Just about the only legitimate content one could more or less safely hide behind is communication that is vital for business and international finance.

The government of China is all too willing to block Google over failing to censor certain search results - why would they have qualms about blocking Flickr if it is being used for spreading "subversive" content?

Because now China, North Korea and Australia know to look for it.They'd have been better off releasing this at a hacker convention than to do it through university channels. Don't you think they (the Chinese) keep track of it?

To win this sort of arms race, you need secret weaponry. You cannot announce it to the global media before it's finished or too soon because whatever vulnerability it exploits will be fixed soon later and then what would the purpose be?

You took the words out of my mouth. Censorship can only be defeated by a non-compliant citizenry willing to sacrifice comfort for freedom. Technology is just a tool, like a bomb or a gun, or a printing press, to use against repressive regimes.

And let's not forget the kind of censorship that's employed by corporations that would use patents and copyrights to enforce their power. Like a corporation that would seek to patent, say, the turning of a virtual page. Last week when the direct attacks against Creative Commons and the EFF started, the scales fell from my eyes. I finally realized that they're not just trying to protect their own "intellectual property", they want a monopoly on ALL intellectual property. They want to have a monopoly on all information, on all culture, on every product of human intellect.

That's when I realized the Pirate Party was the only political group I could possibly support going forward.

If it involves steganography it's useless now. Because now China, North Korea and Australia know to look for it.

I wonder if the Aussie people and the Aussie government realize just what a condemnation of what they have become this is... to be legitimately and accurately grouped with the likes of China, North Korea, Iran, and Myanmar over a basic human rights and civil liberties issue.

The government for what it does to its citizens.
The people for tolerating it.

They'd have been better off releasing this at a hacker convention than to do it through university channels. Don't you think they (the Chinese) keep track of it?

The hacker convention - like most such affairs - might as well book the Holiday Inn at Fort Meade. The National Cryptologic Museum - a hop, skip and jump away from NSA Headquarters - is fun for older kids and they even have a gift shop.

Done well, steganography actually cannot be detected. In fact, even if you know it's there AND can decrypt it, you still can't absolutely PROVE that it's not just an artifact of a crafted decryption key.

Darknets are the best way to beat censorship. This does not mean providing tools to hide the data on known sites. That's not going to be good enough. A darknet means having a secret internet within the internet itself accessed by a covert channel. The channel could be hidden by steganography but the channel is just an access point. This could be the seed nodes to freenet. This could be the seednodes to a series of proxies to bounce the information from point A to point B.

Alice and Bob both want to communicate but they don't want to be discovered by Mallory or by Eve. So they both have a shared secret and that secret is the access point to the darknet. As long as this access point remains secret Mallory and Eve do not know it exists. The access point could be contained via steganography within an image. Inside the image would be IP addresses to the secret proxies or connection points to the darknet which could be Freenet. The traffic would look like browing lolcats or 4chan, just looking at pictures but it wouldn't display pictures on Alice or Bob's sites, it would display something else.

Technically it's not all that difficult in theory. In practice is a different story. First of all Alice has to be able to trust Bob enough to give the access point. The access point is the secret and once smoeone enters the darknet they can stay in it via a web of trust. It's not all that different from PGP where Alice vouches for Bob, so Bob is invited into the darknet. Now Bob can see whats going on and if Bob posts then Bob wins the opportunity to invite someone into the darknet. You could have websites like https://www.slashdot.dark/ [slashdot.dark] instead of.com which can ONLY be accessed by individuals who not only have the right seed nodes but authentication from the web of trust.

The friend to friend model is proven to be the most secure way to do it. And really if you are in China going up against the government it's the only way to do it.

I2P is nice but isn't it written in Java? I suppose it's part of the ideal system but thats not the issue. The issue is getting into the darknet without being detected. If you download I2P then it's too late, you are detected.

But it requires keeping the access point a secret. Very little stays secret forever. From moles to coercion to just plain stupid mistakes, they have ways of getting out.

Infinite amount of potential access points. When one secret is discovered 10 more are created. It's impossible for the government to catch them all and it's not meant to stay secret forever, just long enough to connect Alice and Bob to darknet.

The problem with darknets is like you said, it requires trust. Networks based on trust can be great when they are small but end up crumbling at larger scales. How do you know that your neighbor isn't working for the government? How do you let someone in who wants to know "secrets" about China? On one hand you can't afford not letting people participate in a revolution because then the revolution will be too tiny and fail, on the other and you can't afford to let a government agent into your darknet and risk

Trust can be expressed by digital currency. An individual with a lot of trust has a lot of digital currency to give to individuals he or she trusts. If one or some of those individuals are found out to work for the government or suspected, then trust is lost.

Digital currency could be used to buy access to locked darknets within the darknet. This would create infinite layers to the darknet so that the most trusted are also at the deepest layers. This means Alice trusts Bob so Alice bets points on Bob. If Bob

The friend to friend model is proven to be the most secure way to do it.

Right up until one of the friends rats out the others. Or until the spurned ex-[girl|boy]friend rats out one of the friends. Or until one of the friends does something that brings him to the attention of the authorities (say rape, or murder) and he rats out his subversive friends to save his own hide...Then it becomes one of the least secure ways.

in the case of China, the people you want to hide from, "Mallory and Eve" have access to all traffic coming from you, and see your IP connecting to the 'secret' ip.

No what they'd see is you connecting to a website which hosts large irrelevant picture files. What they'd see is you connecting via port 80, or another high traffic port. What they'd see is you are connecting to a series of websites over and over. The point is that it's easy to mask or hide from traffic analysis. You can make your connections look like something else.

Mallory and Eve will think you are connecting to the internet when its actually the darknet.They might see you are connecting to an IP address

the ORIGINAL story says to use steganography techniques on normal common use websites such as facebook and flickr as connecting to those sites will not draw undue attention.

Your post- the one I was replying to, says --NO NO NO-- they must have a secret IP address to unknown proxies..

I dispute that, originally and again, because to connect to those UNKNOWN proxies, they have to type in an unusual IP address.. that kind of activity can easily by tracked by governments with access..

and your rebuttal to me says- what exactly? connecting to a series of websites makes it OK? if I control the ISP- If I am the opressor with complete system access I can pull every packet you send and receive and reassemble them.... I'll ignore connections to facebook or flickr, but I sure as hell won't ignore connections that you and 11 other people I'm keeping an eye on connect to- that no one else does...

only connections to systems that everyone commonly connects to are likely to be hideable..

Thats where you are wrong. They wont have to type in any IP address. The entire process could be automated and done via steganography that is what I'm saying. I'm saying they could connect to 4chan, click on a picture file, the picture file could contain seednodes (IP addresses), connecting to these seednodes which could be made to look like a search request or any IP address because it's a proxy on port 80. The proxy could be run by anybody and this means it could look like a connection to IRC, a connectio

Sorry to spoil your day dreams but the kind of darknet you describe would not work well in practise.

First, the security of steganography is very limited. Research has shown that even very sophisticated steganographic methods -- those that take into account the statistical properties of their transmission channel -- can easily be detected as soon as a significant amount of information is transmitted over the steganographic channel. Using tools like freenet might help, as they make traffic analysis harder, bu

Trying to get out in front of what they call a censorship arms race, a team of researchers has come up with technology that lets users exchange messages through heavily censored networks in countries such as China and North Korea in hidden channels via user-generated content sites such as Twitter or Flickr.

So how long till this gets either banned or heavily frowned upon in the "western" world?

Why is it that we are so happy to help Chinese, Iranian, North Korean and other dissidents get the word out and work against their censorship yet we (as in the government of the US and Europe) embrace censorship of our own networks?

Read the mission statement of the CIA, and the CyberCommand. To win the hearts and minds of these individuals and help them to overthrow their oppressive regimes we have to promote anti censorship. It just so happens that in other situations we promote dictators and oppressive regimes. So it's all about winning the cyberwar against China and North Korea.

This will not work as Twitter, youtube, facebook, wikipedia(used to) is blocked completely in C***a for example.

As for the censorship on the internet, the bigger problem is the access, in many parts of the world, getting an internet access is a privilege and you must supply your real name, ID, address and reason for access the internet, not to mention you must sign-on and sign-off.

The books, letters and the word of mouth are more powerful weapon as they can already bring huge wealth of information, and can

Not only that access is restricted, but if you get caught running something like freenet, or having unauthorized encrypted transmissions, it wont matter what the content is, you can still be charged/jailed/executed just for the act of trying.

...there isn't any way for regimes to block access to specific websites.

And um... North Korea? I'm sure there's a 386 or two floating around there (not including the ones that power their nuke facilities) but how many North Korean dissidents do you suppose have access to the internet? They'll need to focus more on cell phone and sneaker net communications (smuggled across the Chinese border) if they want to reach them.